scalus3/local-development-loop
.claude/skills/local-development/SKILL.md
Use when developing or testing Scalus smart contracts with the local Emulator and TxBuilder. Covers how to create an Emulator provider, submit transactions, and test negative validator cases.
$ install --global
skillsauthnpx skillsauth add scalus3/scalus local-development-loopInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 12, 2026, 11:51 PM6.4s1 file scanned
SKILL.md
- name:
- local-development-loop
- description:
- Use when developing or testing Scalus smart contracts with the local Emulator and TxBuilder. Covers how to create an Emulator provider, submit transactions, and test negative validator cases.
Overview
When developing on-chain code, the Emulator is a local, single-node no-consensus implementation of the Cardano ledger. It includes phase 1 & 2 validation.
File structure for testing a validator
Three files are typically involved:
- Validator — the on-chain logic (e.g.
MyValidator.scala) - Contract — compiles the validator into a
PlutusV3value (e.g.MyContract.scala) - Transactions — uses
TxBuilderto create validator-specific transactions (e.g.MyTransactions.scala) - Test — wires everything together using the Emulator (e.g.
MyValidatorTest.scala)
Contract file
private given Options = Options.release
lazy val MyContract = PlutusV3.compile(MyValidator.validate)
For parameterized validators, apply the parameter after compilation:
val applied = MyContract.withErrorTraces(myParam) // applies param + enables traces
val script = Script.PlutusV3(applied.program.cborByteString)
val scriptAddress = applied.address(network)
Transactions file
CardanoInfo (aliased as env) carries network/protocol config and is provided by ScalusTest
via TestUtil.testEnvironment. Pass evaluator = PlutusScriptEvaluator.constMaxBudget(env) when
the TxBuilder needs to run scripts (i.e. for spending transactions).
case class MyTransactions(
env: CardanoInfo,
evaluator: PlutusScriptEvaluator,
contract: PlutusV3[Data => Unit]
) {
def script: Script.PlutusV3 = contract.script
val scriptAddress: Address = contract.address(env.network)
// Necessary to have funds locked behind the contract under test
def sendToScript(utxos: Utxos, datum: MyDatum, sponsor: Address, signer: TransactionSigner): Transaction =
TxBuilder(env)
.spend(Utxo(utxos.head))
.payTo(scriptAddress, Value.ada(10), datum) // or pass the ada amount in a parameter
.complete(availableUtxos = utxos, sponsor = sponsor)
.sign(signer)
.transaction
def spendFromScript(
utxos: Utxos,
scriptUtxo: Utxo,
redeemer: MyRedeemer,
signerPkh: AddrKeyHash,
sponsor: Address,
signer: TransactionSigner
): Transaction =
TxBuilder(env, evaluator)
.spend(scriptUtxo, redeemer, script)
.spend(Utxo(utxos.head))
.payTo(sponsor, scriptUtxo.output.value)
.complete(availableUtxos = utxos, sponsor = sponsor)
.sign(signer)
.transaction
}
Test file
// ScalusTest provides: PlutusVM, Alice/Bob/Eve/Charles/Dave parties (via Party.*),
// cardanoEnv, genesisHash, assertScriptFail, and ArbitraryInstances
class MyValidatorTest extends AnyFunSuite, ScalusTest {
import MyValidatorTest.{*, given}
test("valid redeemer succeeds") {
val provider = createProvider()
// ... build and submit transactions
}
}
object MyValidatorTest extends ScalusTest {
private given env: CardanoInfo = TestUtil.testEnvironment
private val compiledContract = MyContract.withErrorTraces
private val scriptAddress = compiledContract.address(env.network)
private val txCreator = MyTransactions(
env = env,
evaluator = PlutusScriptEvaluator.constMaxBudget(env),
contract = compiledContract
)
private def createProvider(): Emulator = {
// genesisHash is a zero-hash sentinel used as the "genesis" input
val initialUtxos = Map(
TransactionInput(genesisHash, 0) -> TransactionOutput(Alice.address, Value.ada(5000)),
TransactionInput(genesisHash, 1) -> TransactionOutput(Alice.address, Value.ada(5000)),
TransactionInput(genesisHash, 2) -> TransactionOutput(Bob.address, Value.ada(5000)),
)
Emulator(initialUtxos = initialUtxos, initialContext = Context.testMainnet())
}
}
Submitting a transaction
provider.submit(tx).await() match {
case Left(value) => fail(s"Transaction failed: $value")
case Right(_) => ()
}
Testing negative cases (validator expected to fail)
Override PlutusScriptEvaluator so TxBuilder won't reject the transaction during construction:
val evaluator = PlutusScriptEvaluator.constMaxBudget(env)
TxBuilder(env, evaluator)
.spend(scriptUtxo, badRedeemer, script, Set(signerPkh))
...
.complete(...) // or `build`
.sign(signer)
.transaction
// Then submit to the Emulator and assert Left(SubmitError.ScriptFailure(...))
Related Skills
scalus3/smart-contract-security-review
development
VerifiedTrustedCommunity
Security review for Scalus/Cardano smart contracts. Analyzes @Compile annotated validators for vulnerabilities like redirect attacks, inexact value validation, missing token verification, integer overflow, and self-dealing. Use when reviewing on-chain code, before deploying validators, or when /security-review is invoked. Requires explicit path argument.
102SKILL.mdUpdated Apr 12, 2026
scalus3/optimize-contract
development
VerifiedTrustedCommunity
Optimize Scalus/Cardano smart contracts for execution budget (CPU steps and memory). Analyzes @Compile annotated validators for performance issues — expensive patterns, unnecessary allocations, redundant traversals, missed short-circuits. Provides concrete Scalus rewrites with budget impact estimates. Use when reviewing on-chain code performance or when /optimize-contract is invoked. Requires explicit path argument.
102SKILL.mdUpdated Apr 12, 2026
openclaw/openclaw-secret-scanning-maintainer
development
VerifiedTrustedCommunity
Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.
357,764SKILL.mdUpdated Apr 15, 2026
openclaw/openclaw-release-maintainer
development
VerifiedTrustedCommunity
Maintainer workflow for OpenClaw releases, prereleases, changelog release notes, and publish validation. Use when Codex needs to prepare or verify stable or beta release steps, align version naming, assemble release notes, check release auth requirements, or validate publish-time commands and artifacts.
357,764SKILL.mdUpdated Apr 10, 2026